ometimes called
"Linux S3" or similar). If not, I'm afraid you are out of luck, you can
see progress of s2idle support at (as you already found):
https://github.com/QubesOS/qubes-issues/issues/6411
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP
ot that would be a feature
> request!
That's the main reason why Qubes 4.1 doesn't use xen.cfg at all. There
is standard grub, where you have menu, editor etc.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/T
ry
name that does not interfere with version-based entries. And do that by
installing kernel "manually", exactly to avoid dnf/rpm removing older
packages. For the grub entry, I usually edit
/boot/efi/EFI/qubes/grub.cfg manually (copy existing section and just
replace file
ter syntax is describe in the
comment just above the this option.
The great majority of users do not need to change it (unless we missed
some common device? but then we should update the default filter), so
the risk of messing it up by novice user is minimal.
- --
Best Regards,
Marek M
e mime part, which was
compatible with signatures, but they changed it. I have no idea what
other (non-self-hosted) providers do.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmIpZpwACgkQ24/THMrX
1y
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Nov 05, 2021 at 02:48:37PM +0100, Marek Marczykowski-Górecki wrote:
> On Fri, Nov 05, 2021 at 02:19:30AM -0700, code9n wrote:
> > Hi,
> >
> > Qubes manager version: qubes-manager-4.1.19-1.fc32.noarch .
> >
&
it indeed happens when qube settings is
opened from within qube manager. When it's opened from the menu
separately, it works fine.
I've copied your report to https://github.com/QubesOS/qubes-issues/issues/7039
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible
e automatically on boot' does save the setting for
me.
What qubes-manager package version you have, you can check it with
`rpm -q qubes-manager` command.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1yw
ithub.com/QubesOS/qubes-issues/issues/6814
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmGEfgYACgkQ24/THMrX
1yxdAgf+LBOJK4Sp2hv5FS2zz/8XRN+QktbnvXh4MeOrJ7iGEAC+5i6+wvEjEUN7
IFk+KNtCo
ts.
Again, if that's logrotate, you can stop the timer before, and restart it
afterwards.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmFl4ocACgkQ24/THMrX
1ywC1gf8ChUCgVxe/SIH
edora-33
> Error: Unable to find a match: qubes-template-fedora-33
Regardless of the issue above, I recommend using new qvm-template tool
instead.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmFl
Dear Qubes Community,
We have just published Qubes Security Bulletin (QSB) 071: Fatal options
filtering flaw in Split GPG. The text of this QSB is reproduced below.
This QSB and its accompanying signatures will always be available in the
Qubes Security Pack (qubes-secpack).
View QSB-071 in the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> >>> Marek Marczykowski-Górecki 31.08.2021, 02:52 >>>
> On Mon, Aug 30, 2021 at 05:39:40PM -0700, Andrew David Wong wrote:
> > On 8/30/21 2:12 PM, haaber wrote:
> > >
> > > > > Kind of a
n CPUs is quite complex. And yes, there are known
issues[1] affecting suspend. Disabling hyper-threading in BIOS, prevents
Xen from starting those secondary threads at all, and so it doesn't need
to bring them down.
[1] https://github.com/QubesOS/qubes-issues/issues/6066#issuecom
ue) because Mozilla has been a great supporter of Qubes with the big
> grant they gave so it's the least we could do as well as to not put
> Firefox at a disadvantage.
Yes, having this in community repo would be fantastic! In fact, I'd even
consider adding it into the main repo and have it inst
> Duration:
>Changes:
> --
>
> Marek or Demi, can you confirm?
Yes this seems right (in subsequent runs, the
/usr/lib/rpm/macros.d/macros.qubes state will not have "New file"
comment, but will still have "Result: True").
Be
4.1, that
includes the same fix.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmBKNdAACgkQ24/THMrX
1ywbjgf+M70MVByRydvWSSHpfe3+pCFXhj0JefiL8m2k/SwrgHxQRPG4UvOjT1TJ
FUrrPMGIDnsbkvFEphSkucLw0Jqfb9lhepd6P
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, Jan 16, 2021 at 01:49:25AM +, Jinoh Kang wrote:
> On 1/15/21 8:06 PM, Marek Marczykowski-Górecki wrote:
> > On Fri, Jan 15, 2021 at 05:29:43PM +, Jinoh Kang wrote:
> >> Is qubes-xorg-x11-drv-intel an option? Upstre
apshot.
We do backport this package from newer Fedora already:
https://github.com/QubesOS/qubes-linux-dom0-updates
But I would prefer to get it upstream anyway (and then possibly build
xorg-x11-drv-intel from newer git snapshot).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Thin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Wed, Jan 13, 2021 at 01:21:51PM +, Jinoh Kang wrote:
> On 1/11/21 11:03 PM, Marek Marczykowski-Górecki wrote:
> > So, I can confirm the (fixed) 5.10 patch also improves the situation.
>
> Sounds good. Thanks for testing!
llow-up patches and give some feedback here.
So, I can confirm the (fixed) 5.10 patch also improves the situation.
Have you sent it upstream? I do consider including it in our standard
kernel package, but I'd like to see i915 driver maintainer opinion
first.
- --
Best Regards,
Marek Marczykows
const char *type,
> diff --git a/drivers/gpu/drm/i915/i915_params.h
> b/drivers/gpu/drm/i915/i915_params.h
> index 330c03e2b4f7..1169a610a73c 100644
> --- a/drivers/gpu/drm/i915/i915_params.h
> +++ b/drivers/gpu/drm/i915/i915_params.h
> @@ -79,6 +79,7 @@ struct drm_printer;
>
ers run fine).
>
> The VMs which failed were running PV mode, switching to PVH fixed them.
This seems to be:
https://github.com/QubesOS/qubes-issues/issues/6052
So, it is related to the Linux kernel version, not really Xen version.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible T
ng/
> >
> Hi,
>
> I tried to install, but I think it doesn't install because I already
> installed kernel-latest (I need it for my ethernet card):
>
> [xxx@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing
> kernel
Try adding `--action=update`
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Dear Qubes Community,
We have just published Qubes Security Bulletin (QSB) #61: Information
leak via power sidechannel (XSA-351). The text of this QSB is
reproduced below. This QSB and its accompanying signatures will always
be available in the
ive stream are here:
https://twitter.com/3mdeb_com/status/1263068441319223296
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP
ally see issues linked there)
Sadly, Python 3.8 in there breaks few things (including updates via
salt), so it may not be ready before Fedora 30 EOL.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q
anything inside the VM, if this would be the cause, you
wouldn't get any output from the vm. Check modification time on the log,
if it's really about latest try.
Can you start the debian-10 template itself? Or it fails the same way?
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things L
On Sat, Mar 28, 2020 at 12:57:55AM +0100, Ulrich Windl wrote:
> On 2020-03-21 20:39, Marek Marczykowski-Górecki wrote:
> ...
> > Sounds like https://github.com/QubesOS/qubes-issues/issues/5705
> > The fix is already in current-testing repository, and will be uploaded
> >
l be uploaded
to current (aka stable) in few days.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Mar 20, 2020 at 01:05:02AM +0100, Vít Šesták wrote:
> Hello,
>
> On March 20, 2020 12:33:31 AM GMT+01:00, "Marek Marczykowski-Górecki"
> wrote:
> >I didn't spot VT-d errors, but I'm not e
attaching ethernet PCI device.
Is it a Realtek card? I don't remember exactly what helped, but
something helped here. Paweł, can you help?
It was either attaching SD card reader (which is another function on the
same PCI device) to the sys-net, or enabling no-strict-reset option (or
maybe permis
bes, as relevant interfaces are not available
from within a VM.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNAT
he box without requiring an addon - meaning probably more people
will use it.
BTW we need to verify is this major breakage of Thunderbird addons won't
break other Qubes features too - namely opening attachments in
DisposableVM, which is also done using an addon.
- --
Best Regards,
Marek Marczykowski-Górec
D-only,
> apparently. Unclear to me if the other items 1.2.35 and higher, which is
> for "x86" apply only to intel or to all x86 architecture.
I may be missing it in this thread, but have anybody tried Qubes 4.1
builds (with Xen 4.13) on such system? Does it have the same issue?
nly then find
how to mitigate this issue. If specific flags would turn out to be not
related to security features or otherwise having unwanted effects, then
ignoring those changes would be an option. But ignoring _only those
flags verified to be safe to ignore_, not all of them.
- --
Best Regards,
Marek
e using it.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl4X0IEACgkQ24/THMrX
1yzgDgf8CAQZyZ
org/doc/firewall/#enabling-networking-between-two-qubes
[2] https://nvd.nist.gov/vuln/detail/CVE-2019-14899
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normall
/advisory-310.html
[2] https://xenbits.xen.org/xsa/advisory-311.html
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting
s/4855
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl3PEHUACgkQ24/THMrX
1yy5rAf
y-299.html
[2] https://xenbits.xen.org/xsa/advisory-302.html
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: W
ora 29).
>
> Should I just switch or rather not touch it?
Yes, it's ok to and even desirable to switch. It should be based on
stock template without less trusted repositories and software installed.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes u
qubes-os.org/doc/backup-restore/
[4] https://www.qubes-os.org/doc/backup-emergency-restore-v4/
[5] https://www.qubes-os.org/doc/backup-emergency-restore-v3/
[6] https://www.qubes-os.org/doc/backup-emergency-restore-v2/
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best
antime, you can try some naive methods of slowing down the
extraction process, for example by attaching strace to it (`strace -p
$(pidof qfile-dom0-unpacker)`), or pausing it from time to time by
sending SIGSTOP signal (and then SIGCONT to unpause). You can do it in a
loop like this:
ook into it.
I haven't looked into details nor tried it yet, but on the first sight
looks really cool!
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad t
ectory. Should be good now.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl0Ym/sACgkQ24
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, Jun 29, 2019 at 12:45:51AM +0200, Marek Marczykowski-Górecki wrote:
> On Fri, Jun 28, 2019 at 09:43:19PM +, mossy wrote:
> > Hi,
> >
> > Updating my qubes templates (debian-9, fedora-29/-30, whonix-14) have
>
t;
> There's also this bug report:
> https://github.com/QubesOS/qubes-issues/issues/5130
>
> Any updates?
Indeed there is some problem. Working on it, should be back in few
minutes (hopefully).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messe
packages in most cases... But also
shouldn't download old package when newer is already there, unless
you've explicitly requested it to do so.
But you don't have newer kernel (like 4.19.x), running `dnf update` or
`qubes-dom0-update` after doing reinstall for other packages should
help.
- --
Best
e behaves like 'apt autoremove'. And
qubes-vm-recommended depends on thunderbird-qubes, which depends on
thunderbird. So when you remove thunderbird, qubes-vm-recommended needs
to be removed too.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order
is to move EFI/qubes/*
into EFI/BOOT/ after each update. The path is included in relevant
packages, so you can't just configure it different. But you can move
bigger files (xen.efi, vmlinuz, initramfs) instead of copying to save
some space.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Th
hich, badly enough, insists on /EFI/BOOT. So
> could files in efi/EFI/qubes be sym'linked ??
This unfortunately won't fly. EFI System Partition (ESP) is accessed
directly by UEFI and needs to be FAT32, which does not support symlinks.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible T
mfs-KERNEL_VERSION.img
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlziEF
e new
Xen binaries.
Credits
See the original Xen Security Advisory.
References
===
[1] https://xenbits.xen.org/xsa/advisory-297.html
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Be
own network connection and report if there are any updates
available.
When you actually download and install those updates (over Tor) in the
template is up to you, it isn't immediately after checking if something
is available, so time based correlation isn't really an issue here.
- --
Best Regards,
em is that I cannot read it. Is there any way to read it, e.g., by
> disabling the automatic reboot somehow?
Try pointing kernel at hvc0 console (console=hvc0 kernel arg), then you
should get it in /var/log/xen/console/guest-VMNAME.log.
- --
Best Regards,
Marek Marczykowski-Górecki
Invis
R4.1
(gui-agent-linux master branch).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlyK+
expected is the dom0 prompt would have "Disposable VM (dvm-print)"
> entry pre selected.
>
> Seems like a bug?
Indeed. Could you report it at
https://github.com/QubesOS/qubes-issues/issues ?
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because
sed in dom0 (meaning: one of the same name) get used? Or should the
> theme preferred by that template's user account get used? Not
> sure what the most natural answer is. But I'm satisfied for now.
I think the logical thing to do, would be to use template's preferred
theme. If desirable, ther
comes with relevant firewall
rules.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlxx5
VM template for it. This have one important advantage - will work
universally regardless of configuration/tools you use, including custom
VPN scripts etc.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normall
[2] https://www.qubes-os.org/doc/data-leaks/
[3] https://www.qubes-os.org/doc/glossary/#dvm-template
[4] https://www.whonix.org/wiki/Qubes/Install
[5] https://github.com/QubesOS/qubes-issues/issues/1121
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best Regards,
Marek Marczy
> Regards,
> Vít Šesták 'v6ak'
>
> [1] https://www.qubes-os.org/news/2019/01/09/qubes-401/
> [2] https://www.debian.org/security/2019/dsa-4371
> [3] https://www.qubes-os.org/downloads/
>
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because
firewall.
There is clear message what to do if you want to cut the qube from the
network.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGI
te to the same version it already have
installed. Looks to be this issue:
https://github.com/QubesOS/qubes-issues/issues/4792
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a ba
or you?
Regardless of the above, I've notified mirror operator.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpu
l), you can forcibly remove the package with:
sudo rpm -e --noscripts qubes-template-fedora-29-minimial
See also https://www.qubes-os.org/doc/reinstall-template/
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normal
updated the whonix-gw-14 and whonix-ws-14 as well. I am planning to use
> the pre-update AppVMs as a backup and transfer necessary data to the newly
> created post-update AppVMs. Than delete them.
> In this case, I can just rename the anon-whonix AppVM and the new anon-whonix
> will be cre
henge its name to prevent data loss?
No, if anon-whonix already exists, it will not be recreated.
But note anon-whonix is based on whonix-ws-14 template, which is also
affected. You should update it to unaffected version using one of the
methods described in the QSB.
- --
Best Regards,
Marek Mar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Jan 25, 2019 at 01:58:59PM +0100, Patrik Hagara wrote:
> On 1/24/19 5:18 PM, Patrik Hagara wrote:
> > On 1/20/19 1:57 AM, Marek Marczykowski-Górecki wrote:
> >> Hi all,
> >>
> >> There is updated "ker
> Would that somehow force cache busting for some reason?
No. But it would be easier - no need to think in which repository given
template is. In this particular case, it should be fine as given
template is only in one of those repositories.
> > Also, using the 'upgrade' action is a lot le
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, Jan 24, 2019 at 01:10:42AM +, js...@bitmessage.ch wrote:
> Marek Marczykowski-Górecki:
> > Summary
> >
> >
> > The Debian Security Team has announced a security vulnerability
> > (DSA-4371-1)
s://www.debian.org/security/2019/dsa-4371
- --
The Qubes Security Team
https://www.qubes-os.org/security/
```
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BE
esOS/qubes-issues/issues
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlxDx4YACgkQ24/THMrX
specially if you see any error message at the end.
> I did sudo dnf downgrade kernel and it didin't work.
> I had to change grub to fix.
You should be able to choose older version in grub menu.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the
proute. Similar problem happened to Debian template[1] and it
was fixed there, but apparently Fedora is also affected. I'll add
relevant dependency.
[1] https://github.com/QubesOS/qubes-issues/issues/4411
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the o
the whonix-gw and -ws error I got...
You need to install python-concurrent.futures package there. Open
terminal in whonix-gw (and -ws) and execute:
sudo apt install python-concurrent.futures
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order
parate per-repository key, called deployment
key. But you can't re-use the same key for multiple repositories, so if
you have a project with 5 repositories, you need 5 keys...
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people no
ne depends on a lot of software without reliable
integrity verification method (or, say, a lot of NodeJS package ;) ),
then such environment would be significantly easier to compromise, and
so the key used there (even if not leaked, then used from there to
sign/decrypt anything).
- --
Best Regards,
Mar
g-agent is that,
client can request gpg-agent to export secret keys. Which defeat the
whole purpose of keeping secret keys in separate qube - that client have
no access to its secret part.
You may want to look at https://github.com/hw42/qubes-app-linux-split-gpg2/
I think this problem does not ap
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Jan 11, 2019 at 11:23:00AM +, qtpie wrote:
>
>
> Marek Marczykowski-Górecki:
> > On Wed, Jan 09, 2019 at 10:19:00PM +, qtpie wrote:
> >> The latest dom0 update broke updating my templates. I altered
&g
issue for new templates, but for older installs, you
need to install python-concurrent.futures manually there.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-pos
om0-virtual-machines/commit/ca27a33b0ec59f5ea2d4b334973eaa837f11ffc4
>
> I'm not saying this is a bug, I can understand that an update is not
> compatible with certain customisations and it is the users responsiblity
> to fix this.
>
> In any case - enjoying Qubes everyday!
- --
Best Regards,
Ma
tool) also may be
helpful. evtest in dom0 may also give some hints.
> Jan 10 00:21:07 sys-usb systemd-logind[436]: Watching system buttons on
> /dev/input/event6 (SE Mooltipass)
(...)
> Testing ... (interrupt to exit)
> ***
> This dev
at means nothing
> else can download packages or data.
>
> In the short term, you can try enabling networking temporarily for the
> template while you install snap packages. Just set the netvm in the
> template's settings.
>
> In the long term, Qubes users may benefit from a s
ot;4.0.1-rc2".
[1] https://github.com/QubesOS/qubes-issues/issues/4667
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAA
/debian/upgrade-8-to-9/
[Whonix 14]: https://www.whonix.org/wiki/Upgrading_Whonix_13_to_Whonix_14
This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2019/01/09/qubes-401/
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up
ailable on the Qubes website:
https://www.qubes-os.org/news/2019/01/08/canary-18/
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBA
gt;
>
> See:
>
> https://github.com/QubesOS/qubes-issues/issues/4223
>
> and
>
> https://github.com/QubesOS/qubes-doc/pull/739
>
> >
> > Seems like this happened with 28 release as well
> >
>
- --
Best Regards,
Marek Marczyk
; Within that "thin pool", a logical volume, "root" has been created that uses
> all the disk space currently assigned.
Yes, that's right.
- From what I've seen in this thread, you did it right, but the system you
used didn't support thin volumes. You can try Qubes insta
fter installing the extension.
> Why is my extension not being loaded? Am I missing something here? How can I
> debug extensions and make sure they are being loaded? Is there a log
> somewhere?
>
> Is Qubes OS going to call my `on_vm_start()` function whenever a VM is
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Mon, Oct 15, 2018 at 11:19:54PM +, floasretch wrote:
> ‐‐‐ Original Message ‐‐‐
> On Monday, October 15, 2018 4:52 PM, Marek Marczykowski-Górecki
> wrote:
>
> > > Same result with qubes.StartApp+debian-xterm
&g
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Mon, Oct 15, 2018 at 10:41:45PM +, floasretch wrote:
> ‐‐‐ Original Message ‐‐‐
> On Monday, October 15, 2018 3:34 PM, Marek Marczykowski-Górecki
> wrote:
> > > [user@dom0 ~]$ qvm-run --verbose --autostart --di
going wrong?
The +xterm part should be a base name of .desktop file in
/usr/share/applications (or other directory per XDG standard). xterm on
Debian happens to have debian-xterm.desktop, so it should be
qubes.StartApp+debian-xterm.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Thin
orarily unavailable
> on X server ":0"
> lfs qubes-gui[660]: after 37 requests (36 known processed) with 0 events
> remaining)
>
> X works (startx shows me a desktop and consoles), but nothing yet from
> getting Qubes GUI agent and qrexec.
qubes-gui-agent starts its own X s
ith
- --password-store=basic.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/T
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
I've published the first post on my blog:
https://blog.marmarek.net/blog/2018/10/11/keyboard-backlight-color-qubes.html
Have fun!
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which
ed on it). Actually, you may
need to apply workaround temporarily to be able to install updates...
[1] https://www.qubes-os.org/doc/software-update-vm/#debian
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which peop
instead add a
proxy which checks qrexec policy even if action is performed from dom0.
That is not unthinkable, but definitely require some work, and still it
is a workaround.
But Qubes 4.1 is still in development and I think will not be ready this
year, maybe Q1 2019, depending on progress. GUI d
-testing install \
> qubes-u2f
>
>
> There should be something similar for debian's apt-get
All u2f-related packages area already in stable repository (since
yesterday), so the above is not needed anymore.
- --
Best Regards,
Marek Marczykowski-Górecki
Invis
1 - 100 of 736 matches
Mail list logo
